Authenticate administrators using OpenID authentication method

You can authenticate administrators by using the OpenID connect authentication method to facilitate single sign-on to the SMC Web Access portal. An OpenID Provider is used to authenticate administrators to grant access to the SMC Web Access portal.

Before you begin

You must have the following:
  1. An OpenID Provider is configured. Please contact your OpenID Provider support team for details.
  2. OpenID Discovery URL.
  3. The Client ID.
  4. The Client Secrets.
Note:
  1. The OpenID connect authentication method can only be used with the SMC Web Access portal. Also, this authentication method can only be configured for an administrator.
  2. You must restart the SMC Web Access portal for the changes made to come into effect.

Steps

  1. Create a SAML authentication method element:
    1. Select Configuration, then browse to User Authentication > Authentication Methods.
    2. Right-Click and select New Authentication Method.
    3. Enter a unique name for the authentication method element in the Name field.
    4. From the Type drop-down list, select OpenID.
      Note: The fields below the Type drop-down list changes as per the options selected from the Type drop-down list.
    5. Enter the URL from where SMC will fetch the details about the OpenID connect authorization server in the OpenID Discovery URL field.
    6. Enter the public identifier for SMC Web Access application in the Client ID field.
    7. Enter the client secret that is used by SMC Web Access to authenticate itself in the Client Secret field.
    8. Enter the ID token that is claimed to be used as the username in the Username Attribute Name field.
    9. Select a certificate authority that is used to connect to the OpenID server. Click Select to select the element.
    10. Optionally, add a comment in the Comment field for your future reference.
    11. Click OK to save the changes.
  2. Configure the OpenID authentication in the properties of the administrator:
    1. Select Configuration, then browse to Administration > Access Rights > Administrators.
    2. Right-click an Administrator element, then select Properties.
    3. From the Authentication drop-down list, select the OpenID authentication element.
    4. Click OK.
  3. Configure the SMC Web Access. For more details on how to enable or configure the SMC Web Access, refer to the following sections in the Secure SD-WAN Online Help documentation:
    • Enable SMC Web Access
    • Management Server Properties dialog box